I worked with both products for many years and I like both vendors. Both have nice features but when it come to IPSec/SSL VPN, Fortinet is better from performance prospective because Fortinet is using ASIC for encryption / decryption which is fast than general purposes CPU…

I dont like the GUI and CLI command. It is hard to manage the firewall, their GUI is not a user friendly and some advance configurations you have to do through CLI. When it comes to Fortigate, it is easy to manage and many advanced features you can do through GU - SSL VPN,…

I do recommend Zscaler Cloud over iboss and onsite hardware appliance no matter from which vendor. We are living on mobility world ... Tradiationally, to protect remote users working from remote site, companies are backhaul traffic from remote sites to HQ site then out to…

From experience with Email Security Gateway, three key players in that area : Proofpoint , Mimecast and Fortinet ( FortiMail ). Not saying other vendors are bad but not strong as the three vendors listed above.

I am currently working at Zscaler and used to work at Fortinet. If you want users to be protected no matter where they are located and without the need to VPN [route-all-mode] to protect remote users, then go with Zscaler. All features offered by any physical appliance are…

Sorry I have no experience with Barracuda NGFW. Check Gartner report for more information.

I would recommend Fortigate over Check-point and Palo Alto for these reasons 1. You can almost same features with lower price for both hardware and support / license 2. Checkpoint is most expensive firewall among these listed above. Not only this, it is the most complex…

The easy way to migrate from one model to another is taking the config file and modify it manually, say rename port WAN to port-1 ( sometimes you need to modify the syntax of commands when moving between different versions) and upload the config back. Another method is to…

This feature gives you what we called "Network Visibility" by applying all security profiles such as IPS/IDS, App Control, Web filter .. etc all in monitoring mode to help building effective security policy between different network zone(s). But first you need to understand…

I agree with you that reading the output of Fortigate debug command(s) needs the knowledge first of how to interpret the output and to have that one, you either take NSE-7 course or read the admin guide since it shows some debug outputs along with explanation The logs…

**Sizing is ALWAYS an issue for many people even for Sales Engineers / system Engineers. Number of users is not always the baseline when selecting the best model because you have other services running on your network and other factors that you need to take in consideration…

I don’t have a solid experience with Cisco ASA and Checkpoint. The only experience with checkpoint was during my CCSA course -The architecture of CP is the same as Imperva where you have management server and gateway. -The management server is very strong product with…

There is no so called %100% security. All cybersecurity vendors stated Cleary that every single one of them is a Leader in this field but the question from customer point of view: How I can trust your claim(s) I do like to review Magic Quadrant Report but do I fully trust…

I agree that the weakest chain in security is end user but at the same time not all companies have skilled people ( penetration tester ) to evaluate their security in place. You cannot easily test your current security product on every single layer of OSI ( layer 3 - layer 7…

I agree with about the statement that every single vendor is the leader at what they do but the real question is how to measure the effectiveness of their solution(s) Personally, I don’t trust information available on Gartner report due to my understanding about how…

Just one comment about some people mentioning that intel vs ASIC is only important in routing / stateful packet inspection. Offloading session to ASIC is way much faster than using CPU not only for UTM features but also with IPSec / SSLVPN where encryption / decryption is…

Q: Can Sophos XG 85w handle network traffic going through Cisco switches better Than Fortigate UTM A: Both can handle traffic going through Cisco switches but it depends about the amount of traffic needs to be processed / inspected. Sophos XG 85w is Intel-Based hardware…

I know Dell SonicWall very well since I used to work there for 3 yrs. Many customers now implementing multi-layer approach where they have SonicWall in Route / NAT mode and and IPS/IDS from another vendor such as Fortinet in Transparent mode for better security and…

Checkpoint is the most complex firewall/UTM/NGFW among the vendors I worked with compared to Fortinet / SonicWall / Netasq. The product is stable and comes with many amazing features even most of them costing money but with these features, you can easily get better…

My advise always when it come to comparison between different UTN/NGFW vendor is to test the unit and see if meets your needs or not. Every box ( all vendors ) has its own strengths / weaknesses and your bad experience with one vendor does not necessarily apply to someone…

WAN LB / Fail-over featurewith Dell SonicWall UTM is easy to configure. The only challenge is to find out some external resources to probe to help detecting when there is no internet over specific WAN link even when the link is UP ( physical layer is Ok ). Most of the time…

I agree with you that Cyberaom offers cost effective solutions compared to Fortinet / Checkpoint and maybe Dell SonicWall but you need to choose the right product based on your customer needs I don’t have an experience with Cyberoam but I do have with Fortinet / Dell…

Unfortunately, I don’t have any experience with Cyberoam so I might not be able to provide such comparison But I can compare Fortinet with SonicWall : - Web Content blocking and filtering: Both they do the job but with SonicWall they have a problem “Rate images by…